NB530: Broadcom Hits 102.4 Tbps With Tomahawk 6; Wireshark Debuts Certificate Program
Take a Network Break! We start with two critical vulnerabilities: one affecting cloud versions of Cisco ISE, and the other for HPE StoreOnce. In the news, Broadcom announces the Tomahawk 6 ASIC with 102.4Tbits of bandwidth, SentinelOne suffers a self-imposed network outage, and the Wireshark Foundation announces its first-ever professional certification for Wireshark. Cisco rebrands... Read more »Getting Started with the Pytest Plugin for Infrahub
We all write code, but how do we know the changes we make in the future won’t break something that used to work? That’s where testing becomes important.
The idea is to catch problems early, ideally before they reach production. In the Python world, one of the most common ways to do this is with a tool called pytest. It lets you write tests to check that your code behaves the way you expect and helps you catch issues before they become a bigger problem.
Originally published under - https://www.opsmill.com/pytest-plugin-infrahub/
When working with Infrahub, testing is just as important. You might want to make sure your GraphQL queries are valid, your Jinja2 templates render correctly, or your transformations behave as expected.
Infrahub simplifies this by offering a pytest plugin that doesn’t require Python code; you define tests using plain YAML. This makes testing more accessible to teams across roles and speeds up the feedback loop during development.
These kinds of unit tests aren’t just about convenience, they help establish a production-ready automation system. With automated checks built into your process, every change is validated consistently, reducing the chance of something breaking unexpectedly. That consistency builds trust when your Continue reading
Publishing Content as an Introvert
I got an interesting question from a reader. He listened to my podcast with Eric Chou and decided to try to learn in public:
Currently, I’m studying for the CCNP ENARSI exam, and would like to start posting my labs to LinkedIn, and perhaps even upload my lab topologies and configs to Git.
That’s a great idea. I would minimize the LinkedIn part1 and focus on Git:
Deploying ELK Stack with Docker Compose (2025 Edition)
This guide walks you through installing and configuring the ELK Stack (Elasticsearch, Logstash, Kibana, and Filebeat) using Docker Compose. It is fully updated for Elasticsearch 9.0.2 and explains the necessary changes for versions 8+ and above, including the required security setup and user permissions. Prerequisites Ensure you have the following installed on your system: The […]
<p>The post Deploying ELK Stack with Docker Compose (2025 Edition) first appeared on IPNET.</p>
UGreen NASync DXP2800 Review and First Impressions
TL;DR - For anyone who doesn’t want to go through the full post, here’s the short version. I bought the UGreen NASync DXP2800 (2 bay) from Amazon for £249 and paired it with two Seagate Ironwolf 8TB HDDs, around £180 each.
The unit comes with an Intel N100 CPU, 8GB of RAM (upgradeable to 16GB, but there’s only one RAM slot), and a 2.5Gb/s LAN port. It has a solid build, was easy to set up, and I actually like the UI. Sure, it lacks a lot of features compared to Synology or QNAP, but since I’m mainly using it for file storage, I’m happy with the purchase.
Setting up Proxmox Backup Server
In this post, we’ll go through the process of setting up Proxmox Backup Server and backing up all the VMs from my Proxmox server to this backup server. So, let’s get to it.
Suresh Vina
But Why UGreen NAS?
The short answer is, this is the best bang for the buck. For £249, I’m getting a 2-bay NAS with an N100 CPU, 8GB of RAM, a 2.5Gb/s LAN port, and two NVMe slots.
I’ve been wanting to buy a NAS for over Continue reading
Hedge 270: Password Psychology
Password hygiene drives IT professionals crazy–people forget their passwords, will not change them often enough, and choose weak ones. But are IT folks immune to these problems? What is the psychology behind passwords, and how do we do better? Karl Buhl joins Tom and Russ to talk about passwords.
download
HN784: Accelerate Your Network Automation With Gluware Labs and New Ansible Collection (Sponsored)
Network automation is today’s topic with sponsor Gluware. Gluware provides a network automation platform that targets both network engineers and automation builders. On today’s Heavy Networking, we discuss how Gluware supports these two constituencies. We also talk about a recent product announcement, Gluware Labs. Gluware Labs includes a free Community Edition of Gluware software you... Read more »Finding End-to-End Paths: Topology and Endpoints
We know there are three main ways to move packets across a network. However, before we can start forwarding packets, someone has to populate the forwarding tables in the intermediate devices or build the sequence of nodes to traverse in source routing.
Usually, whoever is responsible for the contents of the forwarding tables must first discover the network topology. Let’s start there, using the following network diagram to illustrate the discussion.
Juniper vJunos-router in Containerlab
If you follow me or read my blog, you probably know I'm a big advocate of Containerlab. I've been using it for over two years now and I absolutely love it. Why? Because it's open source, it has an amazing community behind it (thank you again, Roman), and labs are defined using simple YAML files that are easy to share and reuse.
So far, I've used Cisco IOL, Arista EOS, and Palo Alto VM in Containerlab. And finally, the time came to try Juniper. I decided to test the Juniper vJunos-router, which is a virtualized MX router. It's a single-VM version of vMX that doesn't require any feature licenses and is meant for lab or testing purposes. You can even download the image directly from Juniper's website without needing an account. Thank you, Juniper and Cisco, please take note. In this post, I'll show you how to run Juniper vJunos-router in Containerlab.
Prerequisites
This post assumes you're somewhat familiar with Containerlab and already have it installed. If you're new, feel free to check out my introductory blog below. Containerlab also has great documentation on how to use vJunos-router, so be sure to check that out as well.
Containerlab - Creating Continue reading
TL015: Continuous Reinvention With Brad Maltz
“Reinvent or die” is an apt adage for the ever-churning technology industry. Brad Maltz joins us to share his insights on what he calls “continuous reinvention” and how that relates to his own career and why others might want to adopt this mindset. Brad is a Senior Director of AI Solutions at Dell and has... Read more »N4N029: Four Goals of Network Design
Let’s explore four goals of network design: stability, speed, scalability, and security. These goals are based on Ethan’s experience designing, building, and operating networks. Network architects and design experts might have other objectives, and that’s fine, but these four goals are the basis of today’s episode. Ethan and Holly discuss why these four goals are... Read more »Picking uncontested private IP subnets with usage data
Picking uncontested private IP subnets with usage data
If the device you are reading this on has an IPv4 address, it is very likely not a publicly routeable one. This is because the wide scale dep
Weird: Ports on Linux Bridge Are Stuck
Just when you thought you got used to the weirdnesses in the networking implementations, you get a curveball like this one. Life is never dull if you test network devices.
Before releasing netlab release 2.0, I ran the full suite of integration tests for all devices for which I have the images. Interestingly, most VXLAN tests failed for Cumulus Linux 4.x even though we haven’t touched that code for ages.
Next step: trying to figure out what changed. The configuration changes were minimal. Even worse, the failure was non-deterministic. Somehow, we managed to transform a Cumulus Linux 4.x VM into a Heisenberg switch.
D2DO274: Firefly’s State of IaC Report for 2025, aka ClickOps Is a Disgrace (Sponsored)
Firefly is a cloud infrastructure automation platform that helps cloud teams, DevOps, SRE, platform engineering, DevSecOps, and other groups manage their entire cloud as code. Firefly helps to manage cloud complexity and produce consistent and efficient cloud platforms with code. To help Firefly better understand their customers and industry trends around Infrastructure as Code (IaC),... Read more »NAN093: Network Automation – There Must Be a Better Way!
“There must be a better way!” is guest Bart Dorlandt’s motto, which he applies to network automation, among other things. In today’s episode, Bart shares what he’s learned about network automation, explains why he focuses on process over tools, and reflects on the importance of mentorship. Bart and Eric also discuss why even if listeners... Read more »Is It Time to Migrate? A Practical Look at Kubernetes Ingress vs. Gateway API
If you’ve managed traffic in Kubernetes, you’ve likely navigated the world of Ingress controllers. For years, Ingress has been the standard way of getting HTTP/S services exposed. But let’s be honest, it often felt like a compromise. We wrestled with controller-specific annotations to unlock critical features, blurred the lines between infrastructure and application concerns, this complexity didn’t just make portability more difficult, it sometimes led to security vulnerabilities and other complications.
As part of Calico Open Source v3.30, we have released a free and open source Calico Ingress Gateway that implements a custom built Envoy proxy with the Kubernetes Gateway API standard to help you navigate Ingress complexities with style. This blog post is designed to get you up to speed on why such a change might be the missing link in your environment.
The Situation: The Ingress Rut
The challenge with traditional Ingress wasn’t a lack of effort, since the landscape is full of innovative solutions. However, the problem was the lack of a unified, expressive, and role-aware standard. Existing ingress controllers were capable, implemented advanced features, however at the same time tied you to a specific project/vendor.
This meant:
- Vendor Lock-In: Migrating from one ingress controller Continue reading